T6 Firmware

t6_firmware

Vendor: Totolink • 39 CVEs

CVEs (39)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-32053 1Totolink 1T6 Firmware Nov 21, 2024 Jul 1, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the cloneMac parameter in the function FUN_0041621c.
CVE-2022-32052 1Totolink 1T6 Firmware Nov 21, 2024 Jul 1, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_004137a4.
CVE-2022-32051 1Totolink 1T6 Firmware Nov 21, 2024 Jul 1, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc, week, sTime, eTime parameters in the function FUN_004133c4.
CVE-2022-32050 1Totolink 1T6 Firmware Nov 21, 2024 Jul 1, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the cloneMac parameter in the function FUN_0041af40.
CVE-2022-32049 1Totolink 1T6 Firmware Nov 21, 2024 Jul 1, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the url parameter in the function FUN_00418540.
CVE-2022-32048 1Totolink 1T6 Firmware Nov 21, 2024 Jul 1, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the command parameter in the function FUN_0041cc88.
CVE-2022-32047 1Totolink 1T6 Firmware Nov 21, 2024 Jul 1, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_00412ef4.
CVE-2022-32046 1Totolink 1T6 Firmware Nov 21, 2024 Jul 1, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_0041880c.
CVE-2022-32045 1Totolink 1T6 Firmware Nov 21, 2024 Jul 1, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the desc parameter in the function FUN_00413be4.
CVE-2022-32044 1Totolink 1T6 Firmware Nov 21, 2024 Jul 1, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 TOTOLINK T6 V4.1.9cu.5179_B20201015 was discovered to contain a stack overflow via the password parameter in the function FUN_00413f80.
CVE-2022-25084 1Totolink 1T6 Firmware Nov 21, 2024 Feb 24, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 TOTOLink T6 V5.9c.4085_B20190428 was discovered to contain a command injection vulnerability in the "Main" function. This vulnerability allows attackers to execute arbitrary commands via the QUERY_STRING parameter.
CVE-2022-25137 1Totolink 2T10 Firmware T6 Firmware Nov 21, 2024 Feb 19, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A command injection vulnerability in the function recvSlaveUpgstatus of TOTOLINK Technology routers T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 and T10 V2_Firmware V4.1.8cu.5207_B20210320 allows attackers to execute arbi...Show more A command injection vulnerability in the function recvSlaveUpgstatus of TOTOLINK Technology routers T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 and T10 V2_Firmware V4.1.8cu.5207_B20210320 allows attackers to execute arbitrary commands via a crafted MQTT packet.Show less
CVE-2022-25136 1Totolink 2T10 Firmware T6 Firmware Nov 21, 2024 Feb 19, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A command injection vulnerability in the function meshSlaveUpdate of TOTOLINK Technology routers T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 and T10 V2_Firmware V4.1.8cu.5207_B20210320 allows attackers to execute arbitra...Show more A command injection vulnerability in the function meshSlaveUpdate of TOTOLINK Technology routers T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 and T10 V2_Firmware V4.1.8cu.5207_B20210320 allows attackers to execute arbitrary commands via a crafted MQTT packet.Show less
CVE-2022-25135 1Totolink 1T6 Firmware Nov 21, 2024 Feb 19, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A command injection vulnerability in the function recv_mesh_info_sync of TOTOLINK Technology router T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 allows attackers to execute arbitrary commands via a crafted MQTT packet.
CVE-2022-25134 1Totolink 1T6 Firmware Nov 21, 2024 Feb 19, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A command injection vulnerability in the function setUpgradeFW of TOTOLINK Technology router T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 allows attackers to execute arbitrary commands via a crafted MQTT packet.
CVE-2022-25133 1Totolink 1T6 Firmware Nov 21, 2024 Feb 19, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A command injection vulnerability in the function isAssocPriDevice of TOTOLINK Technology router T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 allows attackers to execute arbitrary commands via a crafted MQTT packet.
CVE-2022-25132 1Totolink 2T10 Firmware T6 Firmware Nov 21, 2024 Feb 19, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A command injection vulnerability in the function meshSlaveDlfw of TOTOLINK Technology router T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 allows attackers to execute arbitrary commands via a crafted MQTT packet.
CVE-2022-25131 1Totolink 2T10 Firmware T6 Firmware Nov 21, 2024 Feb 19, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A command injection vulnerability in the function recvSlaveCloudCheckStatus of TOTOLINK Technology routers T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 and T10 V2_Firmware V4.1.8cu.5207_B20210320 allows attackers to execu...Show more A command injection vulnerability in the function recvSlaveCloudCheckStatus of TOTOLINK Technology routers T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 and T10 V2_Firmware V4.1.8cu.5207_B20210320 allows attackers to execute arbitrary commands via a crafted MQTT packet.Show less
CVE-2022-25130 1Totolink 2T10 Firmware T6 Firmware Nov 21, 2024 Feb 19, 2022 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 A command injection vulnerability in the function updateWifiInfo of TOTOLINK Technology routers T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 and T10 V2_Firmware V4.1.8cu.5207_B20210320 allows attackers to execute arbitrar...Show more A command injection vulnerability in the function updateWifiInfo of TOTOLINK Technology routers T6 V3_Firmware T6_V3_V4.1.5cu.748_B20211015 and T10 V2_Firmware V4.1.8cu.5207_B20210320 allows attackers to execute arbitrary commands via a crafted MQTT packet.Show less

Previous 12